<?

include('include/functions.php');

//Сессия
ini_set('session.use_cookies', 1);
if (isset($_REQUEST[session_name()])) session_start();

//Авторизация по кукам
if(isset($HTTP_COOKIE_VARS['user']) && isset($HTTP_COOKIE_VARS['password']) && !isset($_REQUEST[session_name()]))
{
   //Проверака имени пользователя и пароля
   $mysql = mysql_connect("localhost", "root", "kGbN85Z");
   mysql_query("USE ftp;");

   //Расшифровка пароля
   $password = base64_decode($HTTP_COOKIE_VARS['password']);

   $sql = "SELECT id FROM users WHERE login = '".mysql_real_escape_string($HTTP_COOKIE_VARS['user'])."' AND password = MD5( '".mysql_real_escape_string($password)."' );";

   //Авторизация прошла успешно
   if(mysql_num_rows(mysql_query($sql)))
   {
      session_start();
      $_SESSION['user'] = $HTTP_COOKIE_VARS['user'];

      //Получаем новый пароль
      $ftppass = GenPass(5);
      $_SESSION['ftppass'] = $ftppass;

      //Меняем пароль к ftp
      mysql_query("USE proftpd;");
      mysql_query("REPLACE users ( username, password, uid, gid, homedir, shell ) VALUES ( '".mysql_real_escape_string($_SESSION['user'])."','".mysql_real_escape_string($ftppass)."', 5010, 5010, '/mnt/ftp', '/bin/nologin' );");

      header("Location: ".$_SERVER['REQUEST_URI']);
   }
}

//Лог
$log = fopen('log','a');
if(isset($_SESSION['user']))
fwrite($log,date("d.m.Y H:i  -  ").$_SESSION['user']."/".$_SERVER['REMOTE_ADDR']."  -  http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']."  -  ".$_SERVER['HTTP_USER_AGENT']."\n");
else fwrite($log,date("d.m.Y H:i  -  ").$_SERVER['REMOTE_ADDR']."  -  http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']."  -  ".$_SERVER['HTTP_USER_AGENT']."\n");
fclose($log);
?>
